
Re: Updated XML Encryption 1.1

From: MURATA Makoto <eb2m-mrt@asahi-net.or.jp>
Date: Wed, 12 Oct 2011 10:45:47 +0900
Message-ID: <CALvn5EALN62ykwmH9jOHf_Ju4Td_1ZcC9J+=sTg_vYwa3rb6Dg@mail.gmail.com>
To: public-xmlsec@w3.org

We then have to change xenc-schema-11.rnc as well.  Attached please find a
proposal (named xenc-schema-11-rev.rnc).

There are three changes.

1) Addition of MGF and MGFType

xenc11_MGF = element name MGF { xenc11_MGFType }
xenc11_MGFType =
  # Restricts xenc11:AlgorithmIdentifierType
  attribute Algorithm {xsd:anyURI}

2) Addition of an alternative option in xenc_EncryptionMethodOtherParams

  (attribute Algorithm { xsd:anyURI "http://www.w3.org/2001/04/xmlenc#rsa-oaep" },

This means that when the value of the Algorithm attribute is c,
an optional MGF element can occur (after the optional KeySize element).

3) Add http://www.w3.org/2001/04/xmlenc#rsa-oaep to the list of known algorithms

This is needed so that lenient schemas do not allow other elements when


2011/10/12  <Frederick.Hirsch@nokia.com>:
> I have updated XML Encryption 1.1 editors draft, see http://www.w3.org/2008/xmlsec/Drafts/xmlenc-core-11/Overview.html
> The changes are as follows:
> 1. Implemented change proposed on list and agreed on today's call, with additional change to having MGF as element.
> (Proposal at http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/0024.html and minutes at http://lists.w3.org/Archives/Public/public-xmlsec/2011Oct/att-0032/minutes-2011-10-11.html#item03 )
> 2. Updated xenc-schema11.xsd to add MGF element definition. Did *not* add comment to xenc-schema.xsd in EncryptionMethod element to note where this might go as it is described in the text. Thanks to Scott for reviewing and proposing schema improvements.
> 3. In addition to changes in proposal, I put in 5.5.2 schema snippet MGF definition, also added second example (one for each URI case). Also changes in proposal to wording to accommodate MGF as an element.
> 4. Updated the broken RIPEMD-160 reference and fixed some validation errors in the source.
> Please review sections 3.2, 5.1 (Key Transport algorithm identifiers), 5.5 (removed last paragraph), 5.5.1 (added paragraph break), and 5.5.2 (significant revision of text for RSA-OAEP).
> Still need to define URL for SHA2 mask generation function (ACTION-845) and update algorithm cross reference (ACTION-846)
> Thanks
> regards, Frederick
> Frederick Hirsch
> Nokia
> This should complete ACTION-844


Praying for the victims of the Japan Tohoku earthquake


Received on Wednesday, 12 October 2011 01:46:16 UTC
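
The rule stated in change 2 of the message (an optional MGF element is allowed with the rsa-oaep Algorithm value, after the optional KeySize, and MGFType carries only an Algorithm attribute) can be checked in code as well as in the schema. The following is an added example, not part of the original message or of the W3C schema files; `check_encryption_method`, the placeholder MGF URI and the sample documents are constructed for illustration, and the Algorithm value is used as written in the message.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"      # xenc namespace
XENC11 = "http://www.w3.org/2009/xmlenc11#"     # xenc11 namespace
# Algorithm value copied as written in change 2 of the message.
RSA_OAEP = "http://www.w3.org/2001/04/xmlenc#rsa-oaep"
MGF_URI = "urn:example:mgf-placeholder"         # constructed, not a real MGF identifier


def check_encryption_method(xml_text):
    """Return the list of violations of the MGF rules described in the message."""
    em = ET.fromstring(xml_text)
    if em.tag != f"{{{XENC}}}EncryptionMethod":
        return ["root is not xenc:EncryptionMethod"]
    tags = [child.tag for child in em]
    mgf_tag, keysize_tag = f"{{{XENC11}}}MGF", f"{{{XENC}}}KeySize"
    mgf_at = [i for i, t in enumerate(tags) if t == mgf_tag]
    if not mgf_at:
        return []  # MGF is optional
    problems = []
    if em.get("Algorithm") != RSA_OAEP:
        problems.append("MGF present but Algorithm is not rsa-oaep")
    if len(mgf_at) > 1:
        problems.append("more than one MGF element")
    if keysize_tag in tags and tags.index(keysize_tag) > mgf_at[0]:
        problems.append("MGF must come after KeySize")
    for i in mgf_at:
        mgf = em[i]
        if not mgf.get("Algorithm"):
            problems.append("MGF has no Algorithm attribute")
        if len(mgf) or (mgf.text or "").strip():
            problems.append("MGF must carry only the Algorithm attribute")
    return problems


def sample(algorithm, body):
    """Build a constructed EncryptionMethod element for the checks below."""
    return (f'<xenc:EncryptionMethod xmlns:xenc="{XENC}" xmlns:xenc11="{XENC11}" '
            f'Algorithm="{algorithm}">{body}</xenc:EncryptionMethod>')


KEYSIZE = "<xenc:KeySize>2048</xenc:KeySize>"
MGF = f'<xenc11:MGF Algorithm="{MGF_URI}"/>'
GOOD = sample(RSA_OAEP, KEYSIZE + MGF)
WRONG_ALGORITHM = sample("urn:example:other-algorithm", MGF)
WRONG_ORDER = sample(RSA_OAEP, MGF + KEYSIZE)

if __name__ == "__main__":
    for name, doc in [("good", GOOD), ("wrong algorithm", WRONG_ALGORITHM),
                      ("wrong order", WRONG_ORDER)]:
        print(name, "->", check_encryption_method(doc) or "ok")
```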
